© 2022 - USMAIL24.COM. All Rights Reserved.
A hacker claiming to be 18 years old hacked into Uber’s computer network on Thursday, prompting the app hail to shut down his company’s system after the cyber attacker shot at employees with obscene images and messages.
Uber employees were confronted with images of male genitalia and a message that read, “F**K YOU DUMB WANKERS,” said Sam Curry, an engineer at Yuga Labs who communicated with the hacker.
The tech company has asked the police and the judiciary to investigate the hack.
There was no indication that the transport company’s fleet or its operation was affected in any way.
Uber announced on Twitter that they had been hacked and would report the incident to the police. The hacker sent messages to the ride-hail company’s employees, informing them that the company’s computer system had been infiltrated. Some employees mocked the hacker, thinking it was a joke
“They have almost full access to Uber,” Curry said The New York Times. “This is a total compromise, it seems.” That includes getting full access to Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, he said.
According to the Times, the hacker was able to infiltrate the system by texting an employee claiming to be from the company’s IT team and convincing them to share their password.
Once inside, he sent a message alerting staff that their system had been compromised.
A hacker claiming to be 18 years old hacked into Uber’s computer network on Thursday, forcing the app-hail to shut down his company’s system
Uber employees initially thought the episode was a joke and “instead of doing something, a lot of the staff interacted with the hacker”
“I announce that I am a hacker and that Uber has suffered a data breach,” the statement reads.
Uber employees initially thought the episode was a joke and “instead of doing something, a lot of the staff interacted with the hacker,” according to a text message sent to Curry by an employee of the company.
Curry said he spoke to several Uber employees who said they were “working to shut everything down internally” to restrict the hacker’s access, including the company’s internal messaging network Slack, he said.
The hacker was able to infiltrate the system by texting an employee claiming to be from the company’s IT team and convincing him to share his password
Uber employees received this text message from the company’s IT department after the hack
URGENT: All Uber employees must stop using Slack until further notice. We are working on a fix for an issue and will be sending additional updates.”
He said there was no indication that the hacker had caused any damage or was interested in anything other than publicity.
“My gut says it seems like they want to get as much attention as possible,” Curry said.
The hacker had notified Curry and other security researchers of the intrusion by using an internal Uber account to comment on vulnerabilities they had previously identified on the company’s network through the bug bounty program, which ethical hackers pays to identify vulnerabilities.
The saboteur also said that Uber should pay its drivers more.
The hacker gave a Telegram account address, and Curry and other investigators then entered into a separate conversation, sharing screenshots from various pages of Uber’s cloud providers to prove they were breaking in.
The Associated Press tried to contact the hacker on the Telegram account where Curry and the other researchers chatted with them, but no one responded.
A screenshot posted to Twitter and confirmed by researchers shows a chat with the hacker in which they say they obtained an administrative user’s credentials and then used social engineering to access Uber’s internal network.
Uber said via email that it is “currently responding to a cybersecurity incident.” We are in contact with the police.’ It said it would provide updates on its Uber Comms twitter feed.
The company got another crippling hack in 2016, but lied about it and tried to cover it up, according to the Times.
In that case, the hackers stole the information for nearly 600,000 riders and drivers and then extorted $100,000 from the company in exchange for the data.
Uber’s then-cybersecurity chief was subsequently fired and charged with obstruction of justice for failing to disclose the breach to the Federal Trade Commission.